A. Holzinger LV 1/13/2016 706.049 Schedule Andreas Holzinger . 1. Intro: Computer Science meets Life Sciences, challenges, future directions VO 709.049 Medical Informatics . 2. Back to the future: Fundamentals of Data, Information and Knowledge 13.01.2016 11:15‐12:45 . 3. Structured Data: Coding, Classification (ICD, SNOMED, MeSH, UMLS) Lecture 11 . 4. Biomedical Databases: Acquisition, Storage, Information Retrieval and Use . 5. Semi structured and weakly structured data (structural homologies) Biomedical Data: . 6. Multimedia Data Mining and Knowledge Discovery . 7. Knowledge and Decision: Cognitive Science & Human‐Computer Interaction Privacy, Safety, Security, Data Protection . 8. Biomedical Decision Making: Reasoning and Decision Support [email protected] . 9. Intelligent Information Visualization and Visual Analytics Tutor: [email protected] . 10. Biomedical Information Systems and Medical Knowledge Management http://hci‐kdd.org/biomedical‐informatics‐big‐data . 11. Biomedical Data: Privacy, Safety and Security . 12. Methodology for Info Systems: System Design, Usability & Evaluation A. Holzinger 709.049 1/76 Med Informatics L11 A. Holzinger 709.049 2/76 Med Informatics L11 Learning Goals: At the end of this 11th lecture you … Keywords of the 11th Lecture . are able to determine between privacy, safety and . Adverse events security; . Anoynmization . know the famous IOM report “Why do accidents happen” and its influence on safety engineering; . Context aware patient safety . have a basic understanding of human error and are able . Faults and Human error to determine types of adverse events in medicine and . Medical errors health care; . Privacy . have seen some examples on how ubiquitous computing might contribute to enhancing patient safety; . Pseudonymization . got an idea of the principles of context‐aware patient . Privacy aware machine learning safety; . Safety and Security . saw a recent approach about pseudonymization for . Swiss‐Cheese Model of human error privacy in e‐health; . are aware of the security characteristics of the popular Technical dependability personal health records; A. Holzinger 709.049 3/76 Med Informatics L11 A. Holzinger 709.049 4/76 Med Informatics L11 Advance Organizer (1/3) Advance Organizer (2/3) . Acceptable Risk = the residual risk remaining after identification/reporting of . k‐Anonymity = an approach to counter linking attacks using quasi‐identifiers, hazards and the acceptance of those risks; where a table satisfies k‐anonymity if every record in the table is indisnguishable from at least k − 1 other records with respect to every set of . Adverse event = harmful, undesired effect resulting from a medication or quasi‐identifier attributes; hence, for every combination of values of the other intervention such as surgery; quasi‐identifiers in the k‐anonymous table, there are at least k records that . Anonymization = important method of de‐identification to protect the privacy share those values, which ensures that individuals cannot be uniquely of health information (antonym: re‐identification); identified by linking attacks; . Authentication = to verify the identity of a user (or other entity, could also be . Medical error = any kind of adverse effect of care, whether or not harmful to another device), as a prerequisite to allow access to the system; also: to verify the patient; including inaccurateness, incompleteness of a diagnosis, the integrity of the stored data to possible unauthorized modification; treatment etc.; . Confidentiality = The rule dates back to at least the Hippocratic Oath: . Nomen nescio (N.N) = used to signify an anonymous non‐specific person; “Whatever, in connection with my professional service, or not in connection . Patient safety = in healthcare this is the equivalent of systems safety in with it, I see or hear, in the life of man, which ought not to be spoken of industry; abroad, I will not divulge, as reckoning that all such should be kept secret”; . Personally‐identifying information = can be used to connect a medical record . Data protection = ensuring that personal data is not processed without the back to an identified person; knowledge and the consent of the data owner (e.g. patient); . Prevention = any action directed to preventing illness and promoting health to . Data security = includes confidentiality, integrity, and availability of data, and reduce the need for secondary or tertiary health care; including the helps to ensure privacy; assessment of disease risk and raising public health awareness; . Hazard = the potential for adverse effects, but not the effect (accident) itself; . Privacy = (US pron. “prai …”; UK pron. “pri …”; from Latin: privatus "separated hazards are just contributory events that might lead to a final adverse from the rest”, is the individual rights of people to protect their personal life outcome; and matters from the outside world; . Human fallibility = addresses the fundamental sensory, cognitive, and motor . Privacy policy = organizational access rules and obligations on privacy, use and limitations of humans that predispose them to error; disclosure of data; A. Holzinger 709.049 5/76 Med Informatics L11 A. Holzinger 709.049 6/76 Med Informatics L11 WS 2015/16 1 A. Holzinger LV 1/13/2016 706.049 Advance Organizer (3/3) Slide 11‐1 Key Challenges . Protected health information (PHI) = any info on e.g. health status, treatments or even payment details for health care which may be linked back to a particular person; . Pseudonymisation = procedure where (some) identifying fields within a data record are . Sensitive, Personal Health Data replaced by artificial identifiers (pseudonyms) in order to render the patient record less identifying; . Mobile solutions, Cloud solutions . Quasi‐Identifiers = sets of attributes (e.g. gender, date of birth, and zip code) that can be linked with external data so that it is possible to identify individuals out of the population; . Primary use of Data . Safety = any protection from any harm, injury, or damage; . Safety engineering = is an applied science strongly related to systems engineering / industrial engineering and the subset System Safety Engineering. Safety engineering . Secondary use of Data for Research assures that a life‐critical system behaves as needed even when components fail. Safety risk management = follows the process defined in the ISO 14971 standard (see . In the medical area ALL aspects require strict Lecture 12) . Safety‐critical systems research = interdisciplinary field of systems research, software engineering and cognitive psychology to improve safety in high‐risk environments; such technologies cannot be studied in isolation from human factors and the contexts and environments in which they are used; .Privacy, Safety, Security . Security = (in terms of computer, data, information security) means protecting from unauthorized access, use, modification, disruption or destruction etc.; . Sensitive data = According to EC definition it encompasses all data concerning health of a and Data Protection! person; . Swiss‐Cheese Model = used to analyze the causes of systematic failures or accidents in aviation, engineering and healthcare; it describes accident causation as a series of events which must occur in a specific order and manner for an accident to occur; Horvitz, E. & Mulligan, D. 2015. Data, privacy, and the greater good. Science, 349, (6245), 253‐255. A. Holzinger 709.049 7/76 Med Informatics L11 A. Holzinger 709.049 8/76 Med Informatics L11 Slide 11‐2 We start with thinking about safety first … Safety first … http://ngadventure.typep ad.com/blog/news‐k2‐ death‐trap‐is‐sec.html A. Holzinger 709.049 9/76 Med Informatics L11 A. Holzinger 709.049 10/76 Med Informatics L11 Slide 11‐3 Exposure of catastrophes ‐ associated deaths Slide 11‐4a Definitions (1/2) … The size of the box represents the range of risk in which a given barrier is active. Reduction of risk beyond . Safety = any protection from harm, injury, or the maximum range of a barrier presupposes crossing this barrier. damage; Shaded boxes represent the 5 system barriers. Data Protection = all measures to ensure availability ASA = American Society of Anesthesiologists. and integrity of data . Privacy = (US pron. “prai …”; UK pron. “pri …”; from Latin: privatus "separated from the rest”, are the individual rights of people to protect their personal life and matters Confidentiality = secrecy (“ärztliche Schweigepflicht”) Amalberti, R., Auroy, Y., Berwick, D. & Barach, P. (2005) Five system barriers to achieving Mills, K. S., Yao, R. S. & Chan, Y. E. (2003) Privacy in Canadian Health Networks: challenges and ultrasafe health care. Annals of Internal Medicine, 142, 9, 756‐764. opportunities. Leadership in Health Services, 16, 1, 1‐10. A. Holzinger 709.049 11/76 Med Informatics L11 A. Holzinger 709.049 12/76 Med Informatics L11 WS 2015/16 2 A. Holzinger LV 1/13/2016 706.049 Slide 11‐4b Definitions (2/2)… Slide 11‐5 The famous report “Why do accidents happen” 150000 . Availability = p(x) that a system is operational at a given time, i.e. the amount of time a device is actually operating 120000 as the percentage of total time it should be operating; . Reliability = the probability that a system will produce 100000 correct outputs up to some given time; . Security = (in terms of computer, data, information security) means protecting from unauthorized access, use, 50000 43649 modification, disruption or destruction etc.; 14986 . Dependability = the system property that integrates such 3959 329 attributes